basecamp/google_sign_in: Sign in (or up) with Google for Rails applications

Summary of basecamp/google_sign_in Gem

This article details the basecamp/google_sign_in Ruby gem, which enables users to sign up for or sign into a Rails application using their Google accounts via OAuth 2.0.

Thesis

The gem provides the necessary components for integrating Google Sign-In functionality into a Rails application (requiring Rails 5.2+).

Key Points & Actionable Insights

• Installation: Add the gem to the Gemfile and run bundle install.
• Google Setup: Requires setting up an OAuth 2.0 Client ID in the Google API Console, selecting "Web application" as the type.
• Redirect URIs: The gem uses a default callback at /google_sign\_in/callback. You must register this URI for production and a local URI (e.g., http://localhost:3000/...) for development, ideally using separate client IDs for each environment.
• Configuration: Client ID and secret must be configured, preferably using encrypted Rails credentials (bin/rails credentials:edit) or environment variables.
• Usage: Use the google_sign_in_button helper to generate the sign-in button. When using Turbo, add data: { turbo: "false" } to prevent asynchronous execution.
• Post-Authentication: After success, the app redirects to a specified proceed_to URL, receiving the Google ID token in flash[:google_sign_in][:id_token]. The provided proceed_to URL must reside on the same origin for security.
• Token Verification: The GoogleSignIn::Identity class handles decoding and verifying the ID token. Actionable Insight: Use user_id (not email) to link to application users, as the ID is constant.

Notable Data

• The gem will not receive further feature development or minor bug fixes; it is considered feature-complete by the maintainers.
• The gem is released under the MIT License.

This article is instructional documentation, not an opinion piece.